Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-27Palo Alto Networks Unit 42Amanda Tanner, Alex Hinchliffe, Doel Santos
@online{tanner:20220127:threat:15f076d, author = {Amanda Tanner and Alex Hinchliffe and Doel Santos}, title = {{Threat Assessment: BlackCat Ransomware}}, date = {2022-01-27}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/blackcat-ransomware/}, language = {English}, urldate = {2022-02-01} } Threat Assessment: BlackCat Ransomware
BlackCat
2021-07-27Palo Alto Networks Unit 42Mike Harbison, Alex Hinchliffe
@online{harbison:20210727:thor:5d6d793, author = {Mike Harbison and Alex Hinchliffe}, title = {{THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group}}, date = {2021-07-27}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/thor-plugx-variant/}, language = {English}, urldate = {2021-07-29} } THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group
PlugX
2021-07-15Palo Alto Networks Unit 42Robert Falcone, Alex Hinchliffe, Quinn Cooke
@online{falcone:20210715:mespinoza:cabb0ab, author = {Robert Falcone and Alex Hinchliffe and Quinn Cooke}, title = {{Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, "MagicSocks" Tools}}, date = {2021-07-15}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/gasket-and-magicsocks-tools-install-mespinoza-ransomware/}, language = {English}, urldate = {2021-07-20} } Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, "MagicSocks" Tools
Gasket Mespinoza
2020-07-30Palo Alto Networks Unit 42Alex Hinchliffe, Doel Santos, Adrian McCabe, Robert Falcone
@online{hinchliffe:20200730:threat:e1b5ad9, author = {Alex Hinchliffe and Doel Santos and Adrian McCabe and Robert Falcone}, title = {{Threat Assessment: WastedLocker Ransomware}}, date = {2020-07-30}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/wastedlocker/}, language = {English}, urldate = {2021-06-09} } Threat Assessment: WastedLocker Ransomware
WastedLocker
2020-06-03Palo Alto Networks Unit 42Doel Santos, Alex Hinchliffe
@online{santos:20200603:threat:37e881b, author = {Doel Santos and Alex Hinchliffe}, title = {{Threat Assessment: Hangover Threat Group}}, date = {2020-06-03}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/threat-assessment-hangover-threat-group/}, language = {English}, urldate = {2022-03-16} } Threat Assessment: Hangover Threat Group
BackConfig VICEROY TIGER
2020-06-03paloalto Networks Unit 42Doel Santos, Alex Hinchliffe
@online{santos:20200603:threat:0ae192e, author = {Doel Santos and Alex Hinchliffe}, title = {{Threat Assessment: Hangover Threat Group}}, date = {2020-06-03}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/threat-assessment-hangover-threat-group}, language = {English}, urldate = {2020-06-08} } Threat Assessment: Hangover Threat Group
2020-05-11Palo Alto Networks Unit 42Alex Hinchliffe, Robert Falcone
@online{hinchliffe:20200511:updated:02c3515, author = {Alex Hinchliffe and Robert Falcone}, title = {{Updated BackConfig Malware Targeting Government and Military Organizations in South Asia}}, date = {2020-05-11}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/updated-backconfig-malware-targeting-government-and-military-organizations/}, language = {English}, urldate = {2022-03-16} } Updated BackConfig Malware Targeting Government and Military Organizations in South Asia
VICEROY TIGER
2020-03-03Palo Alto Networks Unit 42Robert Falcone, Bryan Lee, Alex Hinchliffe
@online{falcone:20200303:molerats:990b000, author = {Robert Falcone and Bryan Lee and Alex Hinchliffe}, title = {{Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations}}, date = {2020-03-03}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/molerats-delivers-spark-backdoor/}, language = {English}, urldate = {2020-03-03} } Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations
Downeks JhoneRAT Molerat Loader Spark
2020-03-02Virus BulletinAlex Hinchliffe
@online{hinchliffe:20200302:pulling:35771e7, author = {Alex Hinchliffe}, title = {{Pulling the PKPLUG: the adversary playbook for the long-standing espionage activity of a Chinese nation-state adversary}}, date = {2020-03-02}, organization = {Virus Bulletin}, url = {https://www.virusbulletin.com/virusbulletin/2020/03/vb2019-paper-pulling-pkplug-adversary-playbook-long-standing-espionage-activity-chinese-nation-state-adversary/}, language = {English}, urldate = {2020-03-02} } Pulling the PKPLUG: the adversary playbook for the long-standing espionage activity of a Chinese nation-state adversary
HenBox Farseer PlugX Poison Ivy
2019-10-03Palo Alto Networks Unit 42Alex Hinchliffe
@online{hinchliffe:20191003:pkplug:4a43ea5, author = {Alex Hinchliffe}, title = {{PKPLUG: Chinese Cyber Espionage Group Attacking Asia}}, date = {2019-10-03}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/pkplug_chinese_cyber_espionage_group_attacking_asia/}, language = {English}, urldate = {2020-01-07} } PKPLUG: Chinese Cyber Espionage Group Attacking Asia
HenBox Farseer PlugX
2019-02-26Palo Alto Networks Unit 42Alex Hinchliffe, Mike Harbison
@online{hinchliffe:20190226:farseer:62554e3, author = {Alex Hinchliffe and Mike Harbison}, title = {{Farseer: Previously Unknown Malware Family bolsters the Chinese armoury}}, date = {2019-02-26}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/farseer-previously-unknown-malware-family-bolsters-the-chinese-armoury/}, language = {English}, urldate = {2020-01-08} } Farseer: Previously Unknown Malware Family bolsters the Chinese armoury
Farseer
2018-03-13Palo Alto Networks Unit 42Alex Hinchliffe, Mike Harbison, Jen Miller-Osborn, Tom Lancaster
@online{hinchliffe:20180313:henbox:4d61efe, author = {Alex Hinchliffe and Mike Harbison and Jen Miller-Osborn and Tom Lancaster}, title = {{HenBox: The Chickens Come Home to Roost}}, date = {2018-03-13}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/unit42-henbox-chickens-come-home-roost/}, language = {English}, urldate = {2020-01-09} } HenBox: The Chickens Come Home to Roost
HenBox
2017-08-31Palo Alto Networks Unit 42Alex Hinchliffe, Jen Miller-Osborn
@online{hinchliffe:20170831:updated:fd02a16, author = {Alex Hinchliffe and Jen Miller-Osborn}, title = {{Updated KHRAT Malware Used in Cambodia Attacks}}, date = {2017-08-31}, organization = {Palo Alto Networks Unit 42}, url = {https://researchcenter.paloaltonetworks.com/2017/08/unit42-updated-khrat-malware-used-in-cambodia-attacks/}, language = {English}, urldate = {2019-12-20} } Updated KHRAT Malware Used in Cambodia Attacks